similar to: samba and firewalls

Hello, I am trying to get LDAP running. So far, the server is running but I cannot connect to port 389 or the server using webmin or phpldapadmin. It could be my ISP has blocked this port but I'm not sure. I have tried to telnet to port 389 but it is refused. All other services run fine. I user the iptables ruleset found in the IP-Masquerade HowTo. Below is the ruleset I follow for

Hello. I'm moving from a very old Fedora Core 1 to CentOS 4.4, what a change!! Three year ago, I wrote some script (network related) and worked very well. Now, I can put into init.d by means of chkconfig and I restarted the system, but always hang when executing my srcipt (in my new centos 4.4). There a manual for making scripts for init.d? there is some new requirement by which it does not

Hello, I have a webcam that I wish to view from the internet. It is a wireless linksys model with an ip address of 192.168.1.15. I have it set on port 8081, 192.168.1.15:8081. I am using the IP Masquerade HowTo script. Here's the rule I added to my firewall script: EXTIF="ppp0" INTIF="eth1" EXTIP="`$IFCONFIG $EXTIF | grep inet | cut -d : -f 2 | cut -d \ -f

Hi there. I have followed some documents found here and there, but do not have already success implementing a script using iptables and iproute. What I need is to send all traffic trough an ADSL line, but mail trough an expensive and slow DS0. The mail server lies on the PC acting also as firewall. I include the script. When using that I get some error messages (I found that the flush command

Hello, I'm trying to set up port forwarding in IPTABLES and so far it's working great from the internet, but when I attempt from my internal LAN using the External IP address, it fails. EXTIF="eth0" INTIF="eth1" EXTIP="xxx.xxx.xxx.xxx" INTNET="192.168.1.0/24" INTIP="192.168.1.1" PORTFWIP="192.168.1.13" >From the internet,

Hi, I am running a ASTERISK BOX behind a firewall. It is at DMZ . Now I want to connect to my ASTERISK BOX from Internet. So I want to DNAT. How can I do it? Pls assume that ip address that connects to Internet on firewall is 1.2.3.4and is attached to eth0. And ASTERISK BOX is 192.168.101.23 Then, What is the rule (PREROUTING) for it? What is the port to DNAT? I think udp 5060. So I have

Hi Tinc Mailing-Group, I am a bit stuck with firewalling rules at the moment. Maybe someone could please advise me a good rc.firewall script to use on my setup. If anyone runs an ipchains firewall script on their linux box which is ALSO running tinc, could they please mail it to me, for my perusal. I have tinc pre3 set up and working on my systems, however I can only get it to work if I set the

I'm running CentOS 4 with Blue Quartz on a white box, and having problems with installing Portsentry vi the .tar.gz route. Various errors, etc. Anyone here know of a source, like an RPM or something, for Portsentry for CentOS? ... or a similar app? thnx, Manny

Hi all, I need a little help, i am studing htb to control user bandwidth (download/upload) and I made a script as below to test. I am testing using ttcp tool from by linux box to other linux (192.168.200.51). my box <---- Linux = more than 128kbit mybot -----> Linux = get 128kbit But I want to control both ways, what am I missing? script: EXTIF=eth0 INTIF=eth1 TC=/sbin/tc DOWN=128

ei tuka imam edin pf conf obache pravi mnogo nomera, kato se pusne parvoto koeto e dropva paketi, timeoutva po serverite i t.n.. i speed-a e mnogo baven, vijte ako nqkoi moje da otkrie generalna greshka da reply :) vapreki che ne e freebsd-specific :P ne sym go pisal az a i ne sam mnogo mnogo zapoznat s pf zatova ako nqkoi moje da pomogne e dobre doshyl :) btw moje i neshto ot tia opcii kato set

Hi, I am trying to setup a shaper for my linux box and I am experiencing some problems. What I am trying to do is priorizing packets on the egress link, therefore I have setup some prio classes etc. The priorizing seem to work but the problem is that the ceil parameter doesnt seem to work on non leafs. This is what stats show: > class htb 1:1 root rate 3000bit ceil 3000bit burst 1602b/8 mpu

I suppose a few questions pop up on this list about access Samba through a firewall. ?I have been very successful running Samba through a firewall, until today. ?I hit a stumbling block. I have a Linux Firewall with the public IP Address of 134.x.x.140 <it is not the exact ip address, but close>. ?I am using NAT and port forwarding to send traffic destined for 137, 138,139, and 445 for BOTH

Hello, With all the talk about Firefly, I decided to check it out, it seems to work under wine (IAX only for some reason) so I'm thinking about using it on the road. Now, my Asterisk box is behind a firewall, so I have set the firewall to forward UDP port 4569 to my Asterisk box put I'm having problems with this. I followed the instructions on the Asterisk Firewall Rules page but it

I need to forward some ports but i don''t know how to configure Shorewall: TCP port 1720 TCP port range [30000-30010] UDP port range [5000-5016] UDP port range [5020-5023] Thanks, Mitja

Hi! I have some problem in my asterisk 1.4.2, I've installed it on centOS 5.2 and this didn't accept voip QoS and can't route the packets having voip QoS. So I should change voip packets to be routing with centOS. I want to use iproute2 but i don't what to do after installing iproute2. Anyone could help me please? -------------- next part -------------- An HTML attachment was

Hi all, I appologise in advance if this is a little OT, but I am building a box that will serve as firewall and router for a small ''internet cafe / netcafe'' and am using CentOS... So here it is: What are the best tools to be used for keeping the potential script kiddies from ''harming the Internet'' :) ? I specifically want to be able to detect and prevent

I have the following network: External Interface External Interface ccc.ccc.ccc.ccc aaa.aaa.aaa.aaa | | --> VPN <--> Internet <--> FreeBSD Client (NATed extip: bbb.bbb.bbb.bbb) | FW-1 Protected Net ddd.ddd.ddd.ddd/24 VPN: ipsec freeswan (UDP encapsulated tunnel) ccc.ccc.ccc.ccc has port 136/UDP open for

Hi, all: This is just a note and suggestion, not a question; but I really like this system and thought it might be useful to others so I decided to share. Hope it helps someone, and comments or suggestions are always welcome. 1. Overview: Shorewall accepts traffic on ports that I consider "hostile" (i.e. ports on which I would NEVER expect to see connections) and redirects

I'm trying to connect a sip call from sipgate to Asterisk A to Asterisk B. Both are behind NAT, but port forwarded. I get the connection, but no voice - either in or out. I can call on SIP from A to B (and from B to A). Do it all the time. Asterisk A receives SIP calls from Junction and Teliax. CLI on A looks right: == Using SIP RTP TOS bits 184 == Using SIP RTP CoS mark 5 ==

I have been getting a lot of dictionary attacks against my server and want to automatically add the IP address of the offender when their failed SSH login attempts are equal to five or more. I was just going to write a dumb BASH script to do this unless there is a more intelligent way? Eric